Security Warning - secure HTTPS

Similar Messages

• Internet Explorer Security warning in HTTPS evironment

  Hello,
  We have a webdynpro application which is integrated into portal.
  The app runs in https environment.
  The problem is: during accessing the page, I get the warning popup:
  "This page contains both secure and nonsecure items. Do you want to display the nonsecure items?"
  The problem is in the calendar drop down component run not in https environment (standard webdynpro -->javascript).
  Do you have idea for the possible solution?
  Thanks

  Hi,
  My immediate reaction is don't panic! If you are testing your
  own page from your own local server then there is nothing to worry
  about. The whole issue of Active X controls is another sore point
  when having to deal with Microsoft's handling of interactive
  content.
  Triggering of the warning can be caused by various things
  other than the obvious contact with dynamic content. Here is an old
  thread from a discussion on why Active X warning appear on your own
  pages.
  http://www.dreamincode.net/forums/showtopic16624.htm
  Googling will find more evidence for you to trace. Your code
  looks fine to me and is not a threat to your system if it came off
  of your own local server.
  Active X is a pain in the butt.
  regards
  Nick Barling
  www.barkingweb.com

• Security warning 'access more than one site..' - URGENT HELP

  Hi All
  (USING: Reader 707 + Reader extension 702 or Acrobat 707 )
  I am having big trouble with this Acrobat/reader security warning:
  Security Warning
  'This document as accessed more than one site and might be trying to share data among different locations. This could be a privacy concern. Are you sure you want to continue?'
  I know it is more an acrobat/Reader issue than designer, but hope that one outthere has ideas.
  Problem:
  We have 4 servers sharing the load for a webservice. I have coded webservice connection in javascript in Designer 7.1 using SOAP.
  The webservice look up data, but i recieve the security warning each time I perform the look up. I have added all sites to Trust Manager, so that is not the problem!
  I think the very problem is that Acrobat/Reader request to a DNS alias, but later recieve response from ONE of the specific servers!
  Acrobat/Reader request webService on:
  http://ck/web/services/FormularWebservice?wsdl;
  Acrobat/Reader recieve answer from (for example: da1650 - one of the 4 servers)
  http://da1650:9081/web/services/FormularWebservice?wsdl;
  So Acrobat/Reader shows the security warning because it suddenly recieve a response from a server that is does not know it has requested against - This is what I think happens!
  Have anyone experinced a similiar situation? any ideas? All comments/ideas/solutions are appreciated. As the warning is very anoying to the user I cannot launch my LC forms so I need a solution...
  Kr.
  ThomasG - Denmark

  just a note:
  WebService URLs are only internal, so cannot be reached!

• How to stop HTTP Security warning message in transactional iview

  When I am trying to access ECC through transactional iview then I am getting HTTP security warning message i.e. This page contains both secure and nonsecure items. Do you want to display the nonsecure items?
  I think it is because portal is accessable using HTTPS protocol and when we access ECC then it uses HTTP Protocol.
  Pl help to resolve.

  Hi AshuGrover_in,
  First, welcome on SDN!
  > I think it is because portal is accessable using HTTPS protocol and when we access ECC then it uses HTTP Protocol.
  > Pl help to resolve.
  This might very well be the root cause of the issue, and if it is, you know the resolution - make all systems accessible via https.
  Anyhow, to examine the exact cause creating this message you could use tools like HttpWatch or something similar and record the client accesses to the server. If you originally have a GET to a https address, the first http request caused by the original request will throw this message.
  Theoretically, on client side, you can switch off this message: Search for "switch off http https warning" on google and you will get all possible instructions for the different clients. Anyhow, a clean landscape design with complete https connections is the aim you should have.
  Hope it helps
  Detlev
  PS: On SDN, if something helps, you might reward the answer, check it out.

• Security warning in Plugin 1.4.0 during HTTPS applet download

  Hi,
  I develop a simple applet, which is unsigned beause doens't do critical operation like read or write on client File Systen. But I download it from an HTTPS web server and the certificate installed in the server is created by GlobalSign.
  In Plugin 1.3 and previous release, I could download and run my applet from a HTTP or HTTPS site without problem.
  In the Plugin 1.4 BEFORE i download my applet, a security warning popup appears, and it inform me that i try to install a "untrusted" cerfificate for HTTPS comunication.
  I known that in Java Plugin 1.3 HTTPS connection are managed by Browser and for example in IE the GlobalSign CA certificate is trust, but in Java Plugin 1.4 itself manage the HTTPS connection, and the GlobalSign CA certificate is not present in the default CA trusted certificates.
  My costumer is not very "happy" that his costumer see this security warning when download my applet...
  So, the question: is it possible to avoid this message in the default plugin 1.4 configuration?
  If this is not possible I must use a CA certificate which is trust for Java Plugin, abandoning the GlobalSign certificate.
  Best regards
  Michele

  Here is perhaps a related problem. In IE6 I go to an https mode along with a basic authentication to view a series of private webpages. When I reach the webpage with my applet, I have to autheticate the applet before proceeding. Is the way the Sun Plugin should work? I know the Sun Plugin uses the IE API for server transactions, but in the case of an applet, it must start a new (basic authentication) instance. After the first authentication of the applet, all other applets down the line do not require a username and password.

• Security warning https setup IE 8.0 with Anychart 5 in APEX 4.0

  Hi
  We use Oracle Http server , the https setup is handled in the firewall setup, we use Apex 4.0
  We try to use IE 8.0 with APEX 4.0 and using anychart in a report portal like application. We are using https protocol and this runs just fine in Firefox and Chrome, but when running IE 8.0 we run into the problem with displaying the content. We get the Security Warning message box asking if we want to display only the content that was delivered securly. We have traced the problem down to that the problem is because of using Anychart charts. When we remove the anychart regions the security problem is removed.
  We have tried with setup of #HOST_PROTOCOL# to https which apex 4.0 have made available for anychart codebase, but this does not help, link to Anychart websiste
  http://www.anychart.com/products/anychart/docs/users-guide/index.html?security-error.html is talking about setup of crossdomain.xml on the root catalog on the webserver.
  Using Anychart 5.0 and APEX 4.0 with https in IE gives popup of Security Warning message box, any idea how we could solve this problem?
  Edited by: user9252117 on Aug 25, 2010 3:13 AM

  Hi Patric
  Tis is realy interesting,
  BTW: the select owa_util.get_cgi_env('REQUEST_PROTOCOL') from dual; returns http.
  I changed the #HOST_PROTOCOL# in the region source, and then it worked well for the first time, if i took a refresh on the page the message box popped up again, going back to the region source the https was replaced with #HOST_PROTOCOL# again overwriting the changes i had made, it looks like the code is updated when the page is executed, sounds strange to me, so then i am back where i started.
  The switch to https protocol was made by setting PlsqlCGIEnvironmentList REQUEST_PROTOCOL=https in dads.conf, BUT then we got back to the stage where the charts was not displaying at all and we have tride to setup crossdomain.xml and put at document root at apache but we have not been able to make this working.
  We have a situation where it works and that is when https is put into region source code but this is overwritten.
  The apache webserver is running on port 7777 and the https is handled in the firwall setup so i guess we have a reverse proxy setup or something like that.
  Any idea why the #HOST_PROTOCOL# is overwritten?
  kind regards
  jon

• Flash & https: Security Warning

  Hi,
  We are implementing a small flash site.
  This flash site is placed on a secure server environment (HTTPS)
  when the site is launched it shows up a security warning message saying
  "This webpage contains content that will not be delivered using secure HTTPS connection, which could compromise security of the entire webpage."
  The site accessed elements like xmls/images/swf.
  We have used all the assets using relative path as they are present in the main folder where the index.html resides.
  Can you please guide me as how to resolve this issue and stop the popup coming.
  thanks,
  pravin g

  Hi,
  Thanks for your interest and extremly sorry for my late reply.
  Unfortunately I cannot share the URL.
  But we found that the problem was in the domain implemention side. Due to some confussion some files were kept on http server while some where on https.
  now that we moved evrything on https server it is working fine.
  Greetings,
  pravin g

• How to disable IE Security Warning on opening a "local" visio file with Visio Viewer ActiveX?

  Hello all,
  Everyone knows that Microsoft released ActiveX based Visio Viewer for free and allow the users to open Visio drawing and view/print via IE browser.
  The problem that I am facing is that some users are complaining about IE browser's security warning on "active content to run in files on My Computer".
  It means that opening .VSD files from the network, internet, intranet would be all OK but if the user wants to open .VSD files from the local hard drive (or open it as a mail attachment, which will extract it to a temp folder), it prompt the user to select "Allow Blocked Content" EVERYTIME they open them.
  I know that I can GLOBALLY disable this warning by going through Tools - Internet Options - Security section and enable "Allow active content to run in files on My Computer" but I hope that there is a way (or workaround) to allow them by file type or location, etc.
  Questions:
  1. Is there any way to disable those warning for all .VSD only while we still UNCHECK the option on Internet Options?
  2. Is there any 3rd party Win32 based viewer which wouldn't have those restriction?
  3. Is it safe assumption that McAfee VirusScan and Host IPS protection is sufficient enough to remove the IE's security warning feature?
  Thanks in advance?
  Young-

  Are you able to host/launch the VSD file via an HTM page? In that case you can format the HTM page as shown below. This will trick IE into thinking it is loading the file off of a website. Commonly called 'mark of the web'.
  <?xml version="1.0" encoding="utf-8" ?>
  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  <!-- saved from url=(0014)about:internet -->
  <html>
  </html>

• Importing fdf with js always get security warning

  Hi, I have a form with some options (1 category as text with drop down and 5 radio button). The selection get the name of the fdf file to import. On import I get every time the security warning. I select the "Remember this action..." and I click "Allow". In the Settings/Security (Enhanced) the path and the file doesn't appear, so I set it manually, but I still get the security warning everytime. Files are stored locally in a different partion as the system. This happens on 2 machines (Mac 10.7, Mac10.8, Acrobat X, ACrobat XI, Reader XI).
  this is the script
  var A = "/Volumes/Data_Sharing/Projects/.../.../.../";
  var B = getField("Category").valueAsString;
  var C = "-okom-data.fdf";
  var D = A + B + C;
  var E = this.getField("Text1");
  E.value = D;
  this.importAnFDF(D);
  The field Text1 is only a string visualisation for controlling
  If I set an Import Data Event without js I don't have any security warning with fdf (but always with xfdf, xml and text files).
  If you know what I miss, thanks for any suggestion
  Curzio

  Unfortunately i dont think its possible.
  You'd think a deployment could restrict warnings for a local intranet, or have an exception list.
  There was another answer i did see but i would not recommend this at all. Even the person who put the post up does not recommend it.
  http://forums.sun.com/thread.jspa?threadID=5253971
  You have two options, do not have java 1.6 on the desktop as this is the version that brings up the security warning. Or you can try the new
  application with java 1.6 (As long as all functionality is tested). This will satisfy your new app, but not the applications that run of the older
  java runtime environments. (we are going to test the application under 1.6 even though its not a supported certification by the vendor.)

• Removing the "Security Warning" dialogue box on default when a PDF is opened

  Hey
  I have created a pdf document with a specific data written using iText Libraries. I have actually created a beacon that generates a notification sent to the owner's email when the pdf is opened.
  The code is under OpenAction. The problem I am facing is that as I open the document, a dialogue box is opened saying "Security Warning" The document is trying to connect to : URL. How do I get rid of this dialogue box. ? I don't want this dialogue box to appear and allow the connection by default. I have tried playing with the Trust Manager - but that doesn't seem to be the solution, as  am trying to execute my PDF document at a remote machine.

  There was a lot of media fuss years back when it was found out that PDF files could "phone home", i.e. do what you want to do. So Adobe put this warning in. It wouldn't be much good as a warning if the creator of a PDF could choose to turn it off!
  Document creators like to track people opening documents. Privacy advocates consider this a breach of privacy. The latter group shouts louder. http://en.wikipedia.org/wiki/Phoning_home

• Help about Warning Security IE 8.0

  Hello Guys,
  I need help about warning security IE 8.0.
  When I try install a software from my webserver is display the following message:
  I can't check the publisher.Are you sure install the software?
  This file does not have a valide digital signature that verifies its publisher.
  You should only install software from publishers you trust.
  Well, I already enable:
  Download signed ActiveX controls
  Download unsigned ActiveX controls
  Allow active content from CDs to run on user machines Enabled 
  Allow software to run or install even if the signature is invalid Enabled 
  Check for server certificate revocation Disabled 
  Check for signatures on downloaded programs Disabled 
  Is there somewhere I disable all settings warning's about IE or one specific GPO I need disable for this warning don't display for me?
  In the same installation a lot of about file .cab are installed, only one specifc I don't have sucess.
  I try some troubleshootings too:
  https://social.technet.microsoft.com/Forums/windows/en-US/8f8293c4-0920-462f-9c69-0a8e3f92aa02/unknown-publishers-warning
  https://www.youtube.com/watch?v=UknQn6tZZis
  http://windows-3322.blogspot.com.br/2011/02/how-to-repair-activex-error.html
  Thanks a lot who answer me or about any idea about my issue.

  This file does not have a valide digital signature that verifies its publisher.
  Did you see your result
  https://social.technet.microsoft.com/Forums/windows/en-US/8f8293c4-0920-462f-9c69-0a8e3f92aa02/unknown-publishers-warning
  <quote>
  Changing the time zone actually worked.
  </quote>
  Robert Aldwinckle

• Disable "Open File Security Warning"

  Hi whenever I try to open a file from the local hardrive I get the "Open File Security Warning" asking me whether I want to open the file or not. This is getting rather annoying. I searched online but everything I found seems to be dealing with network shares and I am not using that. Just a file on the local hard drive in the computer I am using to the right of me. I remember in my last install I turned it off somehow, but for the life of me I can't figure out how I did it. Anybody have any ideas? Or is this here to stay?

  Windows 7 - Launching unsafe files is in this path;
  IE -> Internet Options -> Security tab -> Custome Level -> Scroll down in Settings -> Look for radio button "Launching applications and unsafe files (not secure)".
  Don't know if it solves the problem or not but option is there.
  Great, on Windows 8 x64 this is an option I can find and set.
  It will generate a nasty warning in the system tray. And does not solve the problem:
  I have downloaded a warez archive and extracted it. The resulting .exe file is a wrapped program which will extract everything to my choosings. I've used it before. 
  When I try to run the program, all I get is: 
  Windows Security
  These files can't be opened
  Your internet security settings prevented one or more files from being opened. 
  Show details | Close
  I do not use IE, I use chrome. What is this strange behaviour?? :(
  Post-EDIT: I found this link with detailed steps for Windows 8, including screenshots.
  http://www.c-sharpcorner.com/UploadFile/e83792/how-to-disable-the-open-file-security-warning-in-windows-8/
  But this does not solve my particular problem :s
  ... Peace!
  Devvie
  ~~~ [email protected] ~~~
  Cuisvis hominis est errare, nullius nisi insipientis in errore persevare
  All spelling mistakes are my own and may only be distributed under the GNU General Public License! – (© 95-1 by Coredump; 2-013 by DevNullius)
  2nd POST-EDIT: I solved it with a little tool: streams! Read more here: http://scforum.info/index.php/topic,8543.msg22024.html#msg22024 and be done with this IE sheit. Who uses IE anyways and why is it important when I want to run a local file :| The future
  looks grimm :(

• Security warning for any connect VPN " Untrusted VPN server Certificate"

  Is there any way to disable this security warning  ( " Untrusted VPN server Certificate") with self sign certificate on the ASA 

  Hi Anton,
  Please have a look at the link below:
  http://docs.acl.com/ex/300/index.jsp?topic=%2Fcom.acl.ax.exception.installguide%2Fexception%2Finstallation%2Ft_installing_the_self-signed_certificate.html
  This is for IE. You should get steps for FF and CHROME out there easily as well.
  Regards,
  Kanwal
  Note: Please mark answers if they are helpful.

• All websites including Firefox have security warning "the information you entered is to be sent over an unencrypted connection and could be seen by a third party" Firefox is not safe date started July 1, 2010 even when I remmove the security warnings the

  security warning "the information you have entered is to be sent over an unencrypted connection and could be seen by a third party" this warning appears on ALL websites, including all Firefox sites, happened after a MSupdate on July 1, 2010. I wont use Firefox is is not safe - hwat happened?
  == This happened ==
  Every time Firefox opened
  == july 1, 2010

  Ignore that warning. Report it to the Website Developers of the websites on which you are seeing this message. Ask them to deploy Secure HTTP Connection. And use secure Websites (https) addresses.
  Site Identity Button
  * https://support.mozilla.com/en-US/kb/Site%20Identity%20Button

• Security warning when searching

  33.1.1, XP, SP3
  Since upgrading to 33.1.1 every time I do a Google search from my BT Home Page I get the following security warning:
  "Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party.
  "Are you sure you want to continue sending this information?"
  I am aware that Google search in Firefox's default page is encrypted and I also know that if I use Google search in the address bar of my BT Home Page there is no warning (presumably because I'm still effectively using Firefox).
  As stated this has only started happening since the upgrade to 31.1.1 - is this a new addition?
  It is much more convenient to use the large search box on my BT page as the cursor is placed there by default.
  Obviously I don't want to people to track my searches although I have been using non-encrypted http for years. However, is there any way I can set my BT search panel to https or to tell Firefox that https should be used on that page? Probably not.
  As a last resort, is there any way I can turn off this annoying warning?

  Unless you actually use the Shockwave (director) player for some certain games or interactive learning things, you may not likely need it compared to the Flash Player anyways. So you might as well uninstall it versus having to keep it updated.